5 matches found
CVE-2025-35966
Bloomberg Comdb2 8.1 is affected by CVE-2025-35966 due to a null pointer dereference in the CDB2SQLQUERY protocol buffer message handling. A specially crafted protocol buffer message sent over TCP can cause a denial of service. Talos documents confirm vulnerable versions and note exploitation via...
CVE-2025-36520
CVE-2025-36520 : Bloomberg Comdb2 8.1 is affected by a null pointer dereference in the net_connectmsg Protocol Buffer Message handling. A specially crafted network packet can trigger a denial of service by causing a NULL dereference during decoding of NetConnectMsg (notably in process_connect_mes...
CVE-2025-48498
CVE-2025-48498 is a denial-of-service vulnerability in Bloomberg Comdb2 8.1’s Distributed Transaction component. A null pointer dereference can occur while processing coordination fields when handling a specially crafted protocol buffer in a network message over TCP, potentially crashing the comd...
CVE-2025-46354
Summary: CVE-2025-46354 affects Bloomberg Comdb2 8.1, in the Distributed Transaction Commit/Abort Operation. A specially crafted network packet can trigger a denial of service. TALOS details show the vulnerability hinges on the CDB2_DISTTXN/Disttxn processing for COMMIT and ABORT, where a commit ...
CVE-2025-36512
CVE-2025-36512 describes a denial-of-service in Bloomberg Comdb2 8.1 when handling a distributed transaction heartbeat. A specially crafted protocol buffer message sent over TCP can cause a DoS, with the CVE affecting the heartbeat path of distributed transactions. Talos confirms vulnerable versi...